code-projects Online FIR System SQL Database Backup File complaints.sql sensitive...

6.9 / 10

MEDIUM

CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:P

Description

A vulnerability was detected in code-projects Online FIR System 1.0. Affected by this issue is some unknown functionality of the file /complaints.sql of the component SQL Database Backup File Handler. The manipulation results in insecure storage of sensitive information. The attack may be performed from remote. The exploit is now public and may be used.

Basic Information

ID CVE-2026-5666

Source VulDB

Published Apr 6, 2026 at 15:30

Modified Apr 7, 2026 at 16:00

Affected Product

Vendor code-projects

Product Online FIR System

Version 1.0

Affected Versions code-projects Online FIR System 1.0

CWE Classification

CWE-922 CWE-200

References

{
    "lastseen": "",
    "description": "A vulnerability was detected in code-projects Online FIR System 1.0. Affected by this issue is some unknown functionality of the file /complaints.sql of the component SQL Database Backup File Handler. The manipulation results in insecure storage of sensitive information. The attack may be performed from remote. The exploit is now public and may be used.",
    "published": "2026-04-06T15:30:13.502Z",
    "modified": "2026-04-07T16:00:58.394Z",
    "type": "cve",
    "title": "code-projects Online FIR System SQL Database Backup File complaints.sql sensitive information",
    "source": "VulDB",
    "references": "https://vuldb.com/vuln/355489\nhttps://vuldb.com/vuln/355489/cti\nhttps://vuldb.com/submit/786322\nhttps://github.com/ahmadmarz10-hub/CVEsMarz/blob/main/Sensitive%20Information%20Disclosure%20in%20Online%20FIR%20System%20PHP%20Exposed%20Database%20Backup.md\nhttps://code-projects.org/",
    "id": "CVE-2026-5666",
    "bulletinFamily": "",
    "cwe": [
        "CWE-922",
        "CWE-200"
    ],
    "cvelist": null,
    "sourceData": "code-projects Online FIR System 1.0",
    "sourceHref": "",
    "cvss": {
        "score": 6.9,
        "severity": "MEDIUM",
        "vector": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:P",
        "version": "4.0"
    },
    "cvss2": [],
    "cvss3": {
        "version": "",
        "vectorString": "",
        "baseScore": 0,
        "baseSeverity": "",
        "attackVector": "",
        "attackComplexity": "",
        "privilegesRequired": "",
        "userInteraction": "",
        "scope": "",
        "confidentialityImpact": "",
        "integrityImpact": "",
        "availabilityImpact": "",
        "cvssV3": {
            "version": "",
            "vectorString": "",
            "baseScore": 0,
            "baseSeverity": "",
            "attackVector": "",
            "attackComplexity": "",
            "privilegesRequired": "",
            "userInteraction": "",
            "scope": "",
            "confidentialityImpact": "",
            "integrityImpact": "",
            "availabilityImpact": ""
        }
    },
    "href": "",
    "category_name": "CVE",
    "post_link": "",
    "product": "Online FIR System",
    "version": "1.0",
    "vendor": "code-projects",
    "ai_description": "",
    "ai_severity": "",
    "ai_vendor": "",
    "ai_product": "",
    "ai_version": "",
    "ai_score": 0
}

code-projects Online FIR System SQL Database Backup File complaints.sql sensitive information_CVE-2026-5666